diff --git a/ungleichotp/otpauth/models.py b/ungleichotp/otpauth/models.py
index 78e7e57..b815593 100644
--- a/ungleichotp/otpauth/models.py
+++ b/ungleichotp/otpauth/models.py
@@ -39,8 +39,8 @@ class OTPAuthentication(authentication.BaseAuthentication):
 
         if serializer.is_valid():
             print("trying to save... {}".format(serializer))
-            user = serializer.save()
+            user, token = serializer.save()
         else:
             raise exceptions.AuthenticationFailed()
 
-        return (user, None)
+        return (user, token)
diff --git a/ungleichotp/otpauth/serializer.py b/ungleichotp/otpauth/serializer.py
index 2986157..b592da9 100644
--- a/ungleichotp/otpauth/serializer.py
+++ b/ungleichotp/otpauth/serializer.py
@@ -78,4 +78,4 @@ class TokenSerializer(serializers.Serializer):
         if not totp.verify(token_in, valid_window=3):
             raise exceptions.AuthenticationFailed()
 
-        return db_instance
+        return (db_instance, token_in)
diff --git a/ungleichotp/ungleichotp/settings.py b/ungleichotp/ungleichotp/settings.py
index af24e79..21646ab 100644
--- a/ungleichotp/ungleichotp/settings.py
+++ b/ungleichotp/ungleichotp/settings.py
@@ -104,6 +104,7 @@ AUTH_PASSWORD_VALIDATORS = [
 
 REST_FRAMEWORK = {
     'DEFAULT_AUTHENTICATION_CLASSES': (
+        'rest_framework.authentication.SessionAuthentication',
         'otpauth.models.OTPAuthentication'
     )
 }